Gravity Forms Arbitrary File Upload Hack 2015

Gravity Forms Arbitrary File Upload Hack 2015

We absolutely love Gravity Forms. We use their product in each and every website that we create and host. Unfortunately, a recent security flaw was found which allowed a hacker to upload a php file to the uploads directory of WordPress through a Gravity Form. The other good thing is that we also use iThemes Security Pro on each of our sites as well. One of the settings we set disallows PHP execution from within the WordPress uploads directory. None of our sites were compromised which is awesome! Thank you iThemes Security Pro!